An error occurred fetching the project authors.
  1. 29 Jun, 2021 1 commit
  2. 15 Jun, 2021 1 commit
  3. 12 May, 2021 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Solve ATS configuration asymmetry · 478ca801
      Łukasz Nowak authored
      Accessing http with path starting with /HTTPS/ would result with 503 responses
      from ATS itself.
      
      Test is covering the problem and also asserting that fix does not damage https
      access with path starting with /HTTP/
      478ca801
  4. 26 Jan, 2021 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Move out logic from configuration file generation · fc23be53
      Łukasz Nowak authored
      As decision making quite often requires access to more than one slave entry,
      it's better to keep the logic above configuration generation. Also
      configuration generation is already complex, and it's better to have it
      simplified, especially in case of switching the component.
      
      Use already prepared values from apache-custom-slave-list.cfg.in in
      default-virtualhost.conf.in to simplify even more.
      
      Pass variables to the other profiles without casting them to string, so that
      they work out of the box.
      fc23be53
  5. 18 Nov, 2020 3 commits
  6. 20 Oct, 2020 9 commits
  7. 05 Oct, 2020 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Provide backend-haproxy statistic · 8d5910dc
      Łukasz Nowak authored
      Each node allows for global statistic access for full backend-haproxy, which
      is exposed using special frontend, and then transferred back to the master
      partition, so that the administrator can access it.
      8d5910dc
  8. 30 Sep, 2020 1 commit
  9. 25 Sep, 2020 2 commits
  10. 15 Sep, 2020 3 commits
  11. 30 Jul, 2020 2 commits
    • Łukasz Nowak's avatar
      caddy-frontend: Expose backend log files to slaves · 65700284
      Łukasz Nowak authored
      Backend logs are exposed as usual access and error logs.
      
      By using rsyslogd templates and regex filtering, the rsyslogd reacts itself
      and creates needed files per each slave which accesses it. Thanks to this, it's
      configuration is static from point of view of SlapOS profiles, and can be
      generated once.
      
      As the rsyslogd configuration became fully special to backend-haproxy, the
      rsyslogd template filename and its references has been correctly renamed.
      65700284
    • Łukasz Nowak's avatar
      caddy-frontend: Configure log retention locally · 58206fa6
      Łukasz Nowak authored
      Logs are critical for caddy-frontend, so let's configure rotate-num locally,
      as changes in the stack can come unattended, and can result with loosing logs.
      58206fa6
  12. 17 Jul, 2020 3 commits
    • Łukasz Nowak's avatar
      caddy-frontend: Setup backend client auth · 3be5f4ce
      Łukasz Nowak authored
      By default do not offer authentication certificate, the switch
      authenticate-to-backend can be used on cluster or slave level to control
      this feature.
      3be5f4ce
    • Łukasz Nowak's avatar
      caddy-frontend: Implement log file for backend-haproxy · 5b024d04
      Łukasz Nowak authored
      rsyslogd is used, as haproxy does not support writing log files by its own.
      5b024d04
    • Łukasz Nowak's avatar
      caddy-frontend: Put haproxy just before the backend · ec3d4ae9
      Łukasz Nowak authored
      This is needed in order to provide future support for client certificates
      to the backend.
      
      Also it means that haproxy is used in all cases, with or without cache, and as
      a result the "cached" version of caddy is dropped.
      
      Let haproxy setup maxconn by itself, as it's wise enough.
      
      Also trust that it'll detect and use proper limits, instead enforcing them in
      the shell with ulimit trick (ulimit -n $(ulimit -Hn)).
      
      As empty server alias can impact the configuration, add proper test for
      checking it.
      ec3d4ae9
  13. 14 Jul, 2020 2 commits
  14. 22 Jun, 2020 3 commits
  15. 06 Mar, 2020 1 commit
  16. 02 Mar, 2020 2 commits
  17. 30 Dec, 2019 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Set open files soft limit · 324c08d0
      Łukasz Nowak authored
      Caddy by itself does not raise soft limit of open files, so it has to be set
      by the wrapper.
      
      As slapos.cookbook:wrapper can't be used for such case, the
      slapos.recipe.template:jinja2 recipe inline style is used to have full
      control over the created wrapper.
      
      /reviewed-on nexedi/slapos!678
      324c08d0
  18. 19 Nov, 2019 1 commit
  19. 04 Oct, 2019 1 commit
    • Thomas Gambier's avatar
      do not create two wrappers for the same executable if hash change · ed707d3b
      Thomas Gambier authored
      Prevent creating 2 wrapper for the same service if hash changed. Here, one service is exited because port is used by the firt to service to start:
      
          slappart6:runner-sshd-4248650e36a9a26a6481df1baffd9f58-on-watch                RUNNING   pid 27835, uptime 0:03:45
          slappart6:runner-sshd-b3b68f4278ceb84691ec27521ea229eb-on-watch                EXITED    Mar 06 04:52 PM
      
      To achieve that, update slapos.cookbook and use hash-existing-files option of wrapper recipe
      
      hash-existing-files list all the files used for hash that are not
      handled by buildout. For those files, the hash is calculated as soon as
      the __init__ function so that if there is a change in those files,
      buildout will remove the existing wrapper (it will uninstall the
      section) and replace it with the new wrapper.
      
      /reviewed-on nexedi/slapos!525
      ed707d3b
  20. 01 Oct, 2019 1 commit